<?php
//登录

require_once 'data/db_emp_conn.php';
header("content-type:text/html;charset=utf-8");

$username = $_POST['username'];
$password = $_POST['password'];
$username = mysql_real_string($username); //定义不能使用特殊字符1
$password = mysql_real_escape_string($password); //定义不能使用特殊字符2
 $password = md5($password); //把密码转换为md5格式
 
$sql ="
select * 
from user where account='$username'
    and password='$password'
    limit 1;
";
  
 //echo $sql;
$result = $conn->query($sql);
if($result->num_rows>0){
    echo "正确！";
}else{
    echo "用户名或密码错误！";
}
        
        
        